TL;DR:
- Cybersecurity vendors are adopting a platform-based approach to augment existing AI systems.
- CISOs seek real-time data visibility and a unified view of endpoints, identities, and assets.
- Accenture and Palo Alto Networks collaborate on joint secure access service edge (SASE) solutions.
- CrowdStrike and Palo Alto Networks lead in consolidation strategies.
- Absolute Software’s Application Persistence-as-a-Service Ecosystem (APaaS) exemplifies platform support.
- AI is crucial in countering evolving cyber threats and achieving machine-scale capabilities.
- Vasu Jakkal and Jeetu Patel highlight the exponential increase in attacks and the need for AI.
- AI enables data loss prevention, anomaly detection, and proactive security measures.
- Insider threats gain higher priority, and AI aids in real-time user monitoring and behavioral analytics.
- AI integration strengthens data loss prevention and mitigates insider threats.
Main AI News:
CISOs are increasingly seeking efficacy, real-time data visibility, and a unified view of endpoints, identities, and assets across their networks. Additionally, they are in need of pricing assistance from vendors to ensure they stay within budget. The recent RSAC 2023 conference provided an ideal platform to evaluate any new announcements in light of these two crucial goals.
The conference’s theme, “Stronger Together,” resonated well with the multitude of new alliances and partnerships unveiled during the event. As CISOs continue to urge their vendors to consolidate their tech stacks and expenditures while also demanding improved efficacy, key industry players such as CrowdStrike, Delinea, Google, Mandiant, Accenture, and Palo Alto Networks responded accordingly. In fact, RSAC 2023 witnessed a greater number of alliances and partnerships than any previous edition of the conference.
The collaborative efforts between Accenture and Palo Alto Networks underscore the significance of alliances in establishing enduring engagements. These two companies are actively working together to provide joint secure access service edge (SASE) solutions, leveraging Palo Alto Networks’ AI-powered Prisma SASE. This strategic collaboration empowers organizations to enhance their cyber-resilience and expedite their business transformation.
Rex Thexton, the leader of Accenture’s cybersecurity protection business, highlighted the motivation behind organizations seeking to mitigate the risks associated with managing complex IT environments. With new technologies layered upon existing legacy infrastructures, businesses aim to strike a balance between minimizing risk and ensuring continuity.
At RSAC 2023, it became evident which vendors swiftly recognized consolidation as a business opportunity and which ones were just embarking on this journey to meet CISOs’ requirements. CrowdStrike, for instance, adopted a product-based approach early on with its consolidation strategy centered around Extended Detection and Response (XDR).
By leveraging AI, CrowdStrike’s XDR platform offers enhanced threat intelligence. Palo Alto Networks, on the other hand, embraced a comprehensive consolidation strategy during its Ignite ’22 conference last year. Building on this momentum, CrowdStrike solidified its position through strategic partnerships announced at RSAC 2023, including collaborations with Google Workspace, CrowdStream (powered by Cribl), and the introduction of the industry’s first native XDR offering for ChromeOS.
Benchmarking the numerous alliances and partnerships can be effectively accomplished by evaluating their platform support capabilities, particularly in terms of sharing telemetry data and offering a unified view of an enterprise’s network and endpoints. This alignment with CISOs’ desires is paramount. One exemplary alliance program that embodies this approach is Absolute Software’s Application Persistence-as-a-Service Ecosystem (APaaS), which leverages a scalable platform to empower CISOs with efficacy, real-time data visibility, and a comprehensive perspective of endpoints, identities, and assets across networks.
Absolute Software has taken a pioneering approach in developing its APaaS platform, enabling its Independent Software Vendor (ISV) partners to leverage its expertise in Absolute Persistence technology. With Absolute’s technology seamlessly integrated into the firmware of over 600 million PCs, it stands as the sole self-healing endpoint platform that establishes an indelible digital tether to each device and endpoint, bolstering overall resiliency. This unique feature sets Absolute apart by providing an invaluable foundation for CISOs to rely on.
By adopting a platform-centric strategy for their APaaS initiatives, ISV partners can reap the benefits of application resilience and gain comprehensive insights into the health and integrity of every endpoint. This is made possible by integrating the Absolute APaaS Software Development Kit (SDK) into their installers, facilitating the enrollment and activation of Absolute Persistence. Consequently, ISVs can empower their end customers by enabling their applications to exhibit enhanced resilience and self-healing capabilities.
The Absolute APaaS Ecosystem serves as a prime example of how alliances can be assessed based on their platform support, ensuring that CISOs’ requirements for efficacy, real-time data visibility, and a unified view of endpoints and networks are met. By embracing Absolute’s innovative platform and leveraging its industry-leading technology, ISV partners can position themselves as providers of resilient and secure solutions, addressing the evolving needs of enterprises in an increasingly complex threat landscape.
The pervasive use of artificial intelligence (AI) in cybersecurity has become akin to the fundamental building blocks of DNA. Cybercriminals have adeptly harnessed AI to personalize phishing messages, refine ransomware code, optimize malware-less attack strategies, and automate the identification of vulnerable, open ports in targeted organizations. These malevolent actors move swiftly, outpacing even the most efficient cybersecurity and security operations center (SOC) teams and technologies. They continually reinvent their attack strategies, seamlessly shifting attacks from one continent to another to evade detection.
Each breach attempt is meticulously designed to exploit human vulnerabilities, whether through social engineering or overwhelming complexity, speed, and scale. Combatting such breaches necessitates the deployment of machine learning and AI capabilities. At the RSAC conference, notable keynotes by Vasu Jakkal, Microsoft’s Corporate Vice President of Security, Compliance, Identity, and Privacy, and Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration Business Units at Cisco, left a lasting impression. Both speakers underscored AI’s pivotal role as the new DNA of cybersecurity and emphasized the imperative of achieving machine-scale capabilities and speed to counter evolving attacks.
During her enlightening keynote titled “Defending at Machine Speed: Technology’s New Frontier,” Vasu Jakkal highlighted the need to acknowledge the formidable adversaries faced in the cybersecurity landscape. She aptly noted the exponential increase in attacks, from 567 per second to a staggering 1,287 per second. This equates to tens of billions of attacks, underscoring the complex nature of cybersecurity. Jakkal emphasized the challenges faced by defenders, who grapple with managing over 70 tools simultaneously. The time required for investigation and strategic response demands a game-changing solution in the form of AI.
Jeetu Patel of Cisco, in an interview with VentureBeat at RSAC, reiterated the mounting difficulty in distinguishing between genuine threats and legitimate activities. As the sophistication of attacks escalates, it becomes increasingly arduous to discern malicious intent from routine operations. This predicament necessitates a shift from addressing attacks at a human scale to embracing machine-scale capabilities.
In Patel’s words, achieving machine scale necessitates the availability of comprehensive data and telemetry, transcending isolated domains. The establishment of cross-domain native boundaries assumes paramount importance, as it enables the creation of AI models capable of detecting anomalies effectively. These models are instrumental in expediting breach detection and ensuring prompt response measures.
The visionary insights shared by Vasu Jakkal and Jeetu Patel serve as a powerful reminder of the evolving threat landscape and the critical role AI plays in safeguarding digital environments. By leveraging AI’s potential and harnessing machine-scale capabilities, organizations can effectively combat cyber threats, detect breaches faster, and respond with utmost agility.
The RSAC events shed light on cybersecurity vendors that are adopting a systematic, platform-based approach to enhance their existing AI systems with more adaptable models. CISOs are increasingly seeking real-time data visibility and a unified view of endpoints, identities, and assets across their networks with the support of AI-driven insights.
VentureBeat had the opportunity to speak with several CEOs at RSAC to gauge their perspectives on the value of AI in their product strategies, both in the present and the future. Connie Stack, CEO of NextDLP, emphasized how AI and machine learning can significantly enhance data loss prevention by introducing intelligence and automation into the detection and prevention of data loss. Leveraging these technologies, algorithms can analyze data patterns and identify anomalies that may indicate security breaches or unauthorized access to sensitive information, preempting policy violations.
Stack also highlighted the potential of AI and machine learning to predict security threats based on historical data and patterns. This proactive approach enables security teams to take preventive measures against data loss or leakage. Customers and prospects have shown excitement about the potential of AI and ML in their data loss prevention use cases, recognizing the opportunity to reduce manual efforts in detecting data loss and reallocating security resources to other critical tasks.
Insider threats have become a higher priority for most CEOs and CISOs compared to the previous year. The prevailing anxiety among employees due to news reports of tech leaders letting go of thousands of workers has amplified this concern. When asked about how AI can mitigate insider threats on the NextDLP platform, Stack explained that AI and machine learning integrated into the Reveal Platform, alongside their endpoint agent, play a crucial role in real-time user monitoring.
By employing AI and ML algorithms, organizations can monitor user behavior and swiftly detect and respond to potential data-loss incidents. Behavioral analytics rapidly identify abnormal patterns, such as unauthorized access to sensitive data outside of regular working hours or large-scale data downloads to external devices, triggering alerts for further investigation by analysts, even before any policy violation occurs.
The integration of AI and machine learning into cybersecurity platforms like NextDLP’s Reveal Platform not only strengthens data loss prevention but also empowers organizations to proactively address insider threats. By leveraging real-time user monitoring and behavioral analytics, companies can detect and mitigate risks promptly, safeguarding sensitive information from unauthorized access or data leakage.
Conlcusion:
The growing adoption of AI in cybersecurity, as witnessed at RSAC 2023, signifies a significant shift in the market. CISOs’ increasing demand for real-time data visibility, unified views of endpoints, and efficacy drive the need for innovative platform-based solutions. Cybersecurity vendors that strategically align with these requirements and prioritize consolidation, collaboration, and integration of AI technologies are well-positioned to meet the evolving market demands.
Furthermore, the integration of AI in data loss prevention and addressing insider threats provides organizations with proactive measures and enhanced security capabilities. As the market continues to evolve, AI-powered solutions will play a pivotal role in safeguarding digital environments and countering emerging cyber threats, enabling businesses to stay resilient and secure in an ever-changing threat landscape.